Shipping History - Beware Malware In CC Cleaner

Shipping History (https://www.shippinghistory.com/index.php)

- Computers and The Internet (https://www.shippinghistory.com/forumdisplay.php?f=21)

- - Beware Malware In CC Cleaner (https://www.shippinghistory.com/showthread.php?t=1165)

Beware Malware In CC Cleaner

Members using the software program CC Cleaner be aware that they have found Malware embedded in the program.

Hackers were able to hide malware inside legitimate versions of CCleaner, a popular privacy and PC optimization tool that cleans cookies and junk files out of computers. CCleaner customers have been urged by the software maker to update their software to the most recent version available.

The malware was able to run undetected for nearly four weeks before it was independently discovered by two outside security companies, Morphisec and Cisco’s Talos, in September. In that time, infected versions of the security app were downloaded by at least 2.27 million people.

To be very honest I've always been deeply suspicious of programs designed to clean the Windows Registry. And there's a whole bunch of them. Always seemed to me a good way to allow software to penetrate the very heart of Windows, and if that gets hacked, well .... raise the portcullis guys and let the demon hordes into your system.

But that's just me.

I'd sooner edit the registry myself and search and destroy any path I thought no longer relevant. Facilities readily available in Windows right up to version 10.

OK I'm sceptical by nature, but 'cleaner' programs have always worried me. I don't doubt some of them are good, but you're opening the door to the 'Night King.'

Good luck on that.

Quite agree; I firmly believe in DIY.

Thanks for that. I am just recovering from a nasty infection in my computer. will delete that program now.

I agree with Bob too. Years of using a company supplied laptop has taught me to be very sceptical, if not paranoid, about downloading any programs that look even faintly dodgy.

This also applies to opening emails from unknown sources, especially ones with attachments.

Old habits die hard.

BillyBoy PM'd me about his machine and I thought about publishing my reply here because I'm worried some might not be familiar with the Windows Registry and I cannot warn enough about poking around in the Registry using the Windows program 'regedit.'

So I'm going to copy my reply to this post just to let you all know that while these facilities are fully available in all versions on Windows, you would be advised to read up on 'regedit' before committing to it. On many searches for curing problems you will often see advice to alter, delete or create registry keys and 'regedit' is where you do this. BUT IT IS DANGEROUS.

Here is my reply to the PM:

Quote:

Originally Posted by BobClay

Quote:

Originally Posted by billyboy

"I'd sooner edit the registry myself and search and destroy any path I thought no longer relevant. Facilities readily available in Windows right up to version 10."

Good morning Bob. I am very interested in learning how to do just that. Can you PM me a clue on how to do it myself please. I am recovering from a nasty one that has infected computers of high profile people in the UK Most unpleasant.
I have now dumped crap cleaner entirely. Thank you.
Billyboy.

Well editing the Registry is performed by running a program built into Windows called 'regedit' but I must emphasise that this is highly dangerous as the edit takes effect instantly and can do a lot of damage.

If you are infected you will probably have to remove the infection with antivirus software. Registry cleaning programs tend to just search the registry for paths that no longer exist and remove them in an effort to reduce the size. This is where they are inherently dangerous should their code be penetrated.

One program I would recommend for cleaning out malicious software is Malwarebytes, this is pretty much trade recognized and comes as a free and pro version. It is in fact searching for actual malicious code rather than just cleaning leftover remnants of old programs from the Registry.

Once cleaned create restore points. These effectively store copies of much of the registry which can be used to fall back on by restoring to an earlier date.

There are other tools by which you can save out parts of the registry I.E. import and export sections, built in to Regedit, but again I must point out that editing the Registry is a dangerous procedure. I'd read up on Regedit before running it, then run it and examine it without changing anything. The Registry is very large and holds a vast amount of information about the entire system and all programs installed on it.

To run Regedit, simply select Run, or enter 'regedit' in the start up box. BUT BE CAREFUL.

Bob, what are your thoughts on Total AV.

Well your choice of AV software is purely your personal preference. One thing I wouldn't do is run without it !!

I use two computers primarily for the Internet. A fairly old desktop with the insider ring test versions of Windows 10 on it which of late has been putting in new builds once a week, the latest being version 1709 build 16299.

On this I use the inbuilt Windows Defender, Malwarebytes and a standalone Hitman Pro to remove tracking cookies and the like. So far I haven't been hit but I do scans very regularly, daily with Malwarebytes. Occasional Trojans are uncovered.

The laptop came with McaFee but I didn't renew it after the first year. It had so many overheads it greatly reduced the speed of the machine. So I also ran the same i.e. Defender, Malwarebytes and Hitman Pro after that and again so far I've been ok.

However don't take this as gospel. If you're happy with your AV software then by all means stick with it. But make sure it's kept updated and do deep scans regularly.

It goes without saying as others have pointed out that you should treat suspicious looking emails with unrecognized origin addresses and attachments with a large amount of caution. Also keep your system images up to date because if the worst comes to the worst you can always take your machine back to your last image. And with that in mind, make sure you've got a 'repair disk' if you're using Windows, easily made within Windows providing you've got a blank DVD and a writer.

To restore a system image you need the 'repair disk' to boot up on from the DVD drive.

(Oh, and don't store the image on a partition of your main hard drive, it needs to be separate.)

Bob, thanks for that. I use Norton not popular with a lot of people I know, but it does ok for me. I was thinking of adding AV & that was why I posed the question.

If you're happy with that's good enough. Keep it updated and keep Windows updated as security holes are constantly being patched.

I have been reading a lot about PC Matic very good reviews. I plan to buy it when the one I use runs out.

PCMatic is excellent.
geoff